HPE GreenLake for Identity & Access Management APIs
HPE GreenLake for Identity & Access Management (IAM) APIs allow programmatic access to users and workspace credentials. The IAM APIs allow you to perform tasks without the user interface. You can:
- Invite, delete, and check user information.
- Create, delete, update, and check workspace credential.
Features
- User lifecycle management
- Credential management
Access and permissions
You need the correct role and permissions to use the HPE GreenLake IAM APIs. A role is a group of permissions that you can specify and assign to users in your HPE GreenLake workspace. There are 3 basic role types distinguished by the privileges defined in the authorization service:
- Administrator — has view, edit, and delete privileges in the workspace.
- Operator — has view and edit privileges in the workspace.
- Observer — has only view privileges in the workspace.
The following table lists Workspaces API calls along with the resource and permission required to make the call:
| Workspaces API call | Resource | Permission required |
|---|---|---|
| GET /identity/v1/users | User Account | View |
| POST /identity/v1/users | Authorization Service Platform Customer Account |
Edit |
| GET /identity/v1/users/{id} | Platform Customer Account | Edit |
| PUT /identity/v1/users/{id} | Platform Customer Account | View |
| DELETE /identity/v1/users/{id} | User Account | Delete |
| GET /workspaces/v1/credentials | Platform Customer Account | View |
| POST /workspaces/v1/credentials | Platform Customer Account | Edit |
| DELETE /workspaces/v1/credentials/{id} | Platform Customer Account | Delete |
| POST /workspaces/v1/credentials/{id}/reset | Platform Customer Account | Edit |
You can find out more about Identity & Access in the HPE GreenLake Edge to Cloud Platform User Guide. You can:
- Find a list of preconfigured roles and the permissions they have
- Learn how to create custom roles.
- Discover how to assign roles to users.
What's New
April 2024
Added HPE GreenLake for Credential Management APIs. The four Credential Management APIs allow you to add, create, delete, and reset credentials. See the change log for more information.